Support resources with Regex

[darrenhaken]

We sometimes create our resource names dynamically with a prefix, would it be possible to define resources with Regex?

An example would be an autoscaling group prefixed with autoscaling-app.

[k1LoW]

Hi @darrenhaken . Thank you for your comment.

awspec is testing framework (on Rspec ). I think that we should make strict comparisons. So awspec do not support regex resource match ( link #270 ).

You can use Tag instead of resource prefix.

Best Regards.

[darrenhaken]

So would that be describe Tag()?

[k1LoW]

Tag is http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html

Some awspec resource support tag:Name . and I'm making awsrm to select by tag:*, now.

[nictrix]

I second this since RSpec was referenced and that framework has regex matches I don't see the reasoning for being overly strict with name comparison matches.

I use the Name tag the same way I name the resource, so both are dynamic. I shouldn't have to change the automation code to make the test framework happy. The test framework needs to support those possibilities.

[darrenhaken]

It was such a deal breaker for me that I had to stop using awspec for things which are dynamic. I had to write my own DSL instead to get resources using the SDK directly.

[ohlol]

I agree with @darrenhaken and @nictrix. Many resources in Terraform support name_prefix but don't have support for tags in AWS, so it's not always possible to use this suggested method. One such example that comes to mind is a Launch Configuration.

The work required to support wildcards should not be very significant; I've hacked it in myself just for testing awspec and it was only a few LOC.

[nictrix]

@ohlol would you be able to contribute back that code to this repo?

[ohlol]

@nictrix https://gist.github.com/ohlol/3e12e7e45491cd251de1df5495c5ecbf

Edit: Happy to submit a PR but it seems @k1LoW isn't interested.

[nictrix]

@ohlol Maybe a goodwill PR will get @k1LoW onboard with the idea? I know it could be work that could go to waste, but it might be worth the effort.

[kennethmyers]

This would be a very helpful feature to have!

[nictrix]

@ohlol looks like @k1LoW would want the regex option in awsrm, per @k1LoW 's reply: In my opinion Regex support is useful. But it may test the wrong resource. So I think awspec should be strict, and awsrm should be useful resource finder. If I implement regex support, it's awsrm, not awspec.

[ohlol]

@nictrix unfortunately the way awsrm is designed prevents this, as far as I can tell.

[camprr]

Having the same problem here with CloudFormation generated resources. They are often appended with a 'random' string generated by CloudFormation. e.g. arn:aws:iam::61608589710:policy/ghb-account-setup-GHBAPIPolicy-Y9HB9W2CY4ZC This is to let CloudFormation 'mark' it's resources. But it generates quite a headache for us in combo with AWSpec. Unfortunately not really a Ruby programmer.

[nictrix]

@ohlol since I'm using Terraform and testing with Kitchen-Terraform I ended up using outputs of the autoscaling group ID - then InSpec and Kitchen-Terraform used that to send it into the awspec tests.

Kitchen-Terraform lets me do this above the InSpec tests: asg_id = attribute("asg_id",{})

asg_id comes from the output:

output "asg_id" {
  value = "${aws_autoscaling_group.my_group.id}"
 }

So, for now, I've satisfied my needs, but it only works because of Kitchen-Terraform. I still think awspec should have this option.

[ohlol]

@nictrix that is a great idea. I think I can work with that, thank you!